Get a 405 trying to delete a user using the API

Question

Get a 405 trying to delete a user using the API

DarrenCook opened this issue 3 years ago · 7 comments

Describe the bug

The command to delete a user does not seem to be working.

To Reproduce

I followed the example in https://github.com/keycloak/keycloak-nodejs-admin-client/blob/master/test/users.spec.ts

  let user = await kcAdminClient.users.findOne({email})
  // Confirmed this is working and `user` is what I expect
  await kcAdminClient.users.del({
     id: user.id,
   });

I expect it to quietly delete the user. Instead I get an exception thrown:

    status: 405,
    statusText: 'Method Not Allowed',
    ...
    data: {
      error: 'RESTEASY003650: No resource method found for DELETE, return 405 with Allow header'
    }

I've logged into the admin console, found the user and deleted them there and it works; so I think the eliminates any firewalls or server settings.

In the browser network tab I can see a DELETE request was sent, and the headers look to match what I see in the nodejs exception. One difference is that the exception doesn't show the user ID in the URL (so I assume it is in body data?).

Enviroment (please complete the following information):

OS: Ubuntu
Keycloak Version: 15.0.1
NodeJS 16.4.1

Answer 1 · 2021-09-21T20:13:39.000Z

I had the same issue.

But I realised it is happening if you pass in a null/undefined user ID parameter. I think the API should be updated to throw an exception in this circumstance.

Answer 2 · 2021-11-02T11:39:18.000Z

@DarrenCook did this solve it? I'm going to close it as we didn't hear from you

Answer 3 · 2021-11-02T11:55:57.000Z

did this solve it?

If "this" means the comment by Richard Kendall, I don't think that is applicable: I had confirmed user.id was a valid string, and not null.

But if there has been a related bug fix I can try upgrading and running a test at some point.

Answer 4 · 2021-11-02T12:32:08.000Z

@DarrenCook do you have some more information how we could reproduce this issue. We didn't fix is as we can't reproduce this.

Answer 5 · 2022-04-21T11:34:31.000Z

I was also facing exactly same issue. Root cause was kcAdminClient.users.findOne was returning Array instead of just one User (I think this should be fixed) . Issue resolved after modifying my code to get 1st user from array. e.g.

  let [user] = await kcAdminClient.users.findOne({email})
  // Confirmed this is working and `user` is what I expect
  await kcAdminClient.users.del({
     id: user.id,
   });

Answer 6 · 2022-09-12T09:23:46.000Z

Thanks @armujahid: that turned out to be the problem for me too. (I was just forced to revisit this!)

I think the underlying problem comes down to the surprising behaviour of findOne() described here: #461 (comment)

I.e. if you search on id as shown in the spec.ts document, it returns a user object, and if you search on anything else, such as email, it returns an array of user objects.

This just needs to be documented clearly somewhere. Perhaps also add a second unit test showing a delete by a field other than id; this is behaviour that needs testing. A simple clone of that user.del unit test, and swapping id for email should do it?

Answer 7 · 2022-09-12T11:37:33.000Z

Feel free to open up a PR for adding another test, that's always appreciated!